1. Field of the Invention
This invention relates generally to the field of data encryption and decryption as well as a technique which may be generally applicable to providing network services. More particularly the present invention relates to a method and apparatus for providing end-to-end data encryption and key management for X.25 and similar packet switching networks while maintaining proper packet numbering.
2. Background of the Invention
Due to attractive costs, capacity and other advantages, many data communications users are migrating to packet switched networks for some applications rather than using the current alternatives. However, many users are unable to take advantage of such networks due to their poor data security. As more and more data communication traffic is passed through packet based networks such as X.25 networks, the need to provide data security between users of such networks grows. However, high levels of data security are inherently more difficult to provide in such networks while retaining full use of the network's advantages. While link level encryption is easily provided, this solution does not provide the high level of security required in many applications, since clear data is available to an intruder at any number of locations in such a system. Accordingly, it is desirable to provide a mechanism for providing end-to-end encryption for packet based networks.
As with most encrypted communication systems, among the most difficult tasks in maintaining the security of such a network is that of key management. Since the security of the system depends heavily on the integrity of the key management system, the key management system must be secure and as easy as possible to use. It has long been known that the more frequently keys are changed, the more secure the system. Since key changes are the responsibility of the key management system, the ultimate security of the system rests squarely upon both the integrity of the key management system and the ease with which keys may be changed. A cumbersome key management system may therefore result in less frequent key changes and an ultimate breach of security, or at best added expense.
The key management center has been proposed in the past as a solution to key distribution problems in non-packet systems. For example, U.S. Pat. No. 4,182,933 to Rosenblum describes such a system for providing remote key setting for an analog communication system. U.S. Pat. No. 4,578,531 to Everhart et al. also describes a key management system using a key distribution center coupled to the other encrypted devices by a special secure channel for transmitting keys. U.S. Pat. No. 4,607,137 to Jansen et al. describes another key distribution method.
Use of a key management system in a packet based network such as an X.25 type packet switching network basically involves obtaining a key from the key management center. In a switched virtual circuit, this presents special problems in call setup due to the need for the network to keep track (usually by packet numbers) of all packets involved in the setup and communication process. Both parties require the key(s) before actual communication can begin. Thus, the key management center must be involved in the call setup process. Since X.25 was not designed to provide for this, the network must be tricked into thinking that the packet counters are balanced in order to avoid problems. The present invention provides for maintaining the proper counter values for tracking packet numbers while maintaining X.25 compatibility.
The Cipher X™ series of encryption devices from Technical Communications Corporation provides end-to-end encryption for packet based networks; however, no key management center is used for key management. Also, this device is incapable of supporting fast select packets, datagrams, packets with extended sequence numbers, invalid packet types, call requests with invalid cipher parameters, permanent virtual circuit packets, and call requests while the maximum number of virtual circuits are active.
The use of calls to a fictitious SAPI address is disclosed in U.S. patent application Ser. No. 150,130 to Norman Donaghue et al. filed Jan. 20, 1988. In this application, the fictitious calls are used to facilitate ISDN passive bus communication. This application is owned by the assignee of the present invention.
The present invention provides a method and apparatus for providing key distribution through a key distribution center for packet based networks such as X.25 networks. The present invention conforms to the current X.25 and X.9.17 standards while requiring no dedicated secure channel for transmission of keys.